1. Field of the Invention
The present invention relates to systems and methods used to permit a user of a computing and data processing system to set a password that is used to limit access to the user's data stored within the computing and data processing system.
2. Description of the Related Art
User identification codes and passwords are well known. Our society uses passwords such as alpha numeric strings of characters (e.g., “COAT,” “9821,” “WAYCOOL4,” etc.) for many purposes such as to obtain cash from cash machines, to access computer and data processing system accounts (e.g., online accounts) where personal data is stored, and, generally, to provide a level of security to protect one's personal information from unwanted eyes.
Unfortunately, users of data processing and online systems often set passwords that are poor security guards. That is, users often pick passwords that are easy to “crack,” or be determined by others. When a password is easy to crack, a data thief may obtain access to systems and personal information, which can be wrongfully used. For example, some Internet and World Wide Web sites now permit users to pre-configure their online profiles to include credit card numbers and the like. If a user of such an online system were to select a password that is easily cracked, the user's credit card number could be stolen and wrongfully charged. In such cases, consumers and product and service providers suffer losses.
To address the problems associated with setting passwords, providers such as online providers have proposed various solutions. For example, some providers (e.g., WWW site operators, etc.) have addressed such problems administratively by implementing password establishment rules such as those associated with minimum length strings, upper and lower case character requirements, etc. Such solutions still do not prevent users from selecting and setting passwords containing strings of characters (alpha numeric strings) that may be easily cracked (e.g., the password “Usgovernment”). As such, rules based solutions do not allow a user to make a decision as to the relative strength of particular password candidate; instead, such rules based solutions require users to engage in brute force selection of passwords until one is selected that meets the particular rules in effect.
Another solution that has been proposed is to run a password cracking program against a submitted password candidate for a relatively short period of time to determine if the password can be easily cracked. Unfortunately, such programs are often time consuming to run, are subject to limited algorithms for determining “crackability” (i.e., a password's susceptibility to being determined by unwanted eyes) and are not run in real time. As such, users often must wait for a determination to be made prior to accessing a system (e.g., an online system, etc.).
Thus, there exists a need to provide new and improved systems and methods to solve the aforementioned problems associated with selecting and setting passwords such as those that may be used with online systems and services (e.g., WWW services, etc.). To be viable, such systems and methods must permit a user to select a password in real time and learn of its relative strength (e.g., its crackability) prior to actually setting the password.